The Week in Ransomware – April 21st 2023 – Macs in the Crosshairs
A lot of news broke this week related to ransomware, with the discovery of LockBit testing macOS encryptors to an...
Year: 2023
GhostToken GCP flaw let attackers backdoor Google accounts
Google has addressed a Cloud Platform (GCP) security vulnerability impacting all users and allowing attackers to backdoor their accounts using...
Cl0p Ransomware Victim: AUT-TECH-GROUP[.]COM
Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
CISA: CISA and Partners Release Cybersecurity Best Practices for Smart Cities
CISA and Partners Release Cybersecurity Best Practices for Smart Cities Today, CISA, NSA, FBI, NCSC-UK(link is external), ACSC(link is external),...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
CISA: CISA Releases Malware Analysis Report on ICONICSTEALER
CISA Releases Malware Analysis Report on ICONICSTEALER CISA has released a new Malware Analysis Report (MAR) on an infostealer known...
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
Empire C2 Detected – 66[.]42[.]48[.]188:80
The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Striker – A Command And Control (C2)
Striker is a simple Command and Control (C2) program. Disclaimer This project is under active development. Most of the features...
Royal Ransomware Victim: GKS Hydraulik
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
Malware Analysis – – ac5b83224a5aaafe540805a2555b62c2
Score: 1 MALWARE FAMILY: TAGS:MD5: ac5b83224a5aaafe540805a2555b62c2SHA1: adc510b4447f3ecfcd3406be1f79027c73ed0dfbANALYSIS DATE: 2023-04-08T19:50:01ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 2507457dc74ba35692289735b816bc33
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: 2507457dc74ba35692289735b816bc33SHA1: fee3651f12fedaf4cd149dbfdd5da55ac773280eANALYSIS DATE: 2023-04-21T15:50:27ZTTPS: T1060, T1112, T1005, T1081,...
Malware Analysis – djvu – a6d373430a8ca2e93109f8791508f2bc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: a6d373430a8ca2e93109f8791508f2bcSHA1: e9a58acd2626dd03d484fa23ed8a83410ff96672ANALYSIS DATE: 2023-04-21T15:40:23ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – smokeloader – d299c57057e47b1a81dd5c49bb822566
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: d299c57057e47b1a81dd5c49bb822566SHA1: 4369f3fccf494cec03cee057b86db29e6fcbef05ANALYSIS DATE: 2023-04-21T15:38:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – 459085283ba0c03ae143d25791cc1880
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 459085283ba0c03ae143d25791cc1880SHA1: 688f769f302d06443ae42a794f0d2d36be8c7886ANALYSIS DATE: 2023-04-21T17:43:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
